Department of Homeland Security Officials Removed Following Pushback Against Secretive Surveillance Disclosure Policies

The Department of Homeland Security (DHS) has faced significant internal turmoil this year as a series of high-level reassignments within Customs and Border Protection (CBP) has cast a spotlight on the agency’s handling of public transparency and surveillance technology. Since January, multiple career officials, including the head of the CBP privacy office and the agency’s FOIA director, have been removed from their positions. Sources familiar with the situation indicate that these personnel actions were direct responses to internal opposition against a new directive mandating the blanket withholding of Privacy Threshold Analyses (PTAs) under the Freedom of Information Act (FOIA).

These documents, which serve as foundational compliance assessments for new government systems involving personal data, were previously accessible to the public as a matter of standard procedure. The shift in policy, however, has effectively curtained access to critical information regarding how the government monitors, tracks, and stores data on citizens and non-citizens alike.

The Catalyst: The Mobile Fortify Controversy

The friction between political leadership and career privacy staff appears to have reached a boiling point in late 2023. The conflict originated from the disclosure of a specific PTA concerning "Mobile Fortify," a facial recognition application utilized by federal agents to identify individuals in the field.

When the document was obtained via a FOIA request by independent journalists, it revealed details that had been largely hidden from the public eye. The PTA acknowledged that the app collected biometric data—specifically fingerprints and facial images—without the explicit consent of the individuals being scanned. Furthermore, the document confirmed that US citizens and lawful permanent residents were frequently caught in these surveillance dragnets. Perhaps most alarming to privacy advocates was the disclosure that every image captured by the system was slated for retention for up to 15 years, regardless of whether the individual was a person of interest or simply a bystander.

The public outcry following this revelation reportedly frustrated DHS political leadership. In the months that followed, the department initiated a structural pivot to ensure that similar compliance forms would no longer reach the public domain.

A Chronology of Secrecy

The timeline of these administrative changes suggests a coordinated effort to insulate surveillance programs from public scrutiny:

• September 2023: DHS effectively halts the publication of PTAs, which had previously been available on agency websites.
• December 3, 2023: The DHS Privacy Office issues a "major change" mandate, requiring all future PTAs to include a disclaimer labeling them as "draft" documents. This label is intended to trigger the "deliberative process privilege," a FOIA exemption designed to protect internal, pre-decisional recommendations from disclosure.
• January 2024–Present: Career privacy officials at CBP, who raised legal objections to the "draft" labeling of signed, finalized documents, begin to be removed from their roles.
• February 20, 2024: Internal communications reveal the breadth of the policy. In an email to senior leadership, the deputy FOIA chief for DHS explicitly states, "PTAs are NOT supposed to be released at all," contradicting public assertions of transparency.

Legal and Ethical Implications of the "Draft" Designation

At the heart of the dispute is the legal status of a Privacy Threshold Analysis. These forms are not merely internal musings; they are mandatory compliance documents that record whether a new technology has passed a privacy review or requires deeper investigation.

Legal experts argue that labeling a signed, finalized compliance form as a "draft" is a categorical abuse of the FOIA process. Ginger Quintero-McCall, an attorney at the Free Information Group and a former supervisory information law attorney at FEMA, characterizes the policy as "illegal." According to Quintero-McCall, there is no statutory basis in FOIA that allows an agency to withhold these records simply by attaching a disclaimer.

The irony of the situation, according to former and current agency staff, is the "legal incoherence" of the directive. A document cannot simultaneously be a signed, authoritative record and an "advisory opinion" in the draft stage. By forcing this categorization, the department is attempting to circumvent the law, effectively shielding the mechanics of surveillance technology from oversight by Congress, the media, and the public.

Discrepancies in Official Statements

When queried by the press, DHS officials have maintained that the agency has not adopted a policy to make PTAs exempt from FOIA. A spokesperson stated, "Any allegation that DHS adopted a policy making Privacy Threshold Analyses exempt from the Freedom of Information Act is FALSE." The department further asserted that when these documents are requested, they are subjected to "the same review applied to other agency records."

However, this public position is directly contradicted by internal correspondence. The email from the deputy FOIA chief, Catrina Pavlik-Keenan, makes no mention of a case-by-case review, instead establishing a firm, department-wide prohibition on the release of these records. This discrepancy highlights a growing chasm between the department’s public-facing transparency commitments and its internal operational realities.

The Broader Impact on Privacy and Accountability

The implications of this policy shift extend far beyond the bureaucratic shuffling of personnel. For organizations like the American Civil Liberties Union (ACLU) and the Electronic Privacy Information Center (EPIC), the loss of access to PTAs represents a significant erosion of civil liberties.

Nathan Wessler, deputy director of the ACLU’s Speech, Privacy, and Technology Project, notes that PTAs are often the only record the public has to understand the privacy impacts of emerging technologies. When an agency concludes there is "no significant privacy impact," the review process often ends there. Without access to these documents, the public is deprived of the ability to audit the agency’s reasoning. If the government’s logic is flawed or undervalues individual rights, there is no mechanism for correction until after a violation has already occurred.

Furthermore, historical precedents suggest that the government has previously accepted the necessity of disclosing these records. In a notable 2015 case involving the FBI, the agency released nearly 50 PTAs, acknowledging them as standard agency records. The recent shift by DHS marks a sharp departure from these past transparency standards, signaling a more aggressive stance toward shielding surveillance programs from external review.

Analysis: A Culture of Retaliation?

The removal of high-level privacy officers who objected to the new policy has created a chilling effect within the department. Career staff, who are tasked with ensuring that agencies act within the bounds of federal privacy law, now find themselves in a precarious position where adherence to the law may result in professional exile.

Jeramie Scott, senior counsel at EPIC, emphasizes that FOIA mandates narrow, fact-based redactions rather than broad, administrative secrecy. The current policy, he argues, is a transparent attempt to evade the accountability that is inherent in a democratic system. By removing the very officials responsible for vetting these technologies, DHS is not only obstructing the public’s right to know but is also weakening the internal checks and balances that are supposed to safeguard the privacy of the American public.

As the situation continues to unfold, the removal of these key officials raises significant questions about the current leadership’s commitment to the rule of law. If the department continues to equate the disclosure of standard compliance records with the unauthorized release of classified information, the public will likely find itself in the dark regarding the next generation of government surveillance, from facial recognition tools to advanced data-harvesting algorithms.

The ongoing tension between the Department of Homeland Security and its own career privacy staff suggests that the struggle for transparency is far from over. As more internal records continue to reach the public, the discrepancy between official rhetoric and internal practice will likely continue to draw scrutiny from oversight committees and legal advocates, potentially leading to further legal challenges against the department’s restrictive policies.